This week’s cyber news roundup includes some household names, healthcare cyber attack ramifications, and new ways hackers are targeting consumers through… their cars? Checkout the latest in cybersecurity news:
Equiniti Trust Company Hit with Fine Following Cyber Incidents
Equiniti Trust Company, a financial services firm, was fined $850,000 by the Securities and Exchange Commission (SEC) for failing to secure customer assets following two cyberattacks in 2022 and 2023. In the cyber incidents, hackers managed to steal over $6.6 million, with one attack involving the fraudulent transfer of funds to overseas bank accounts after hijacking an email chain. The SEC found Equiniti Trust Company in violation of regulations concerning the protection of user funds, highlighting the growing threat of business email compromise schemes where hackers deceive employees into transferring company funds.
The financial punishment highlights the importance of financial firms implementing effective cybersecurity measures to safeguard client assets in a time of increasing cyber threats. The SEC’s director of the San Francisco Regional Office stated that companies must provide necessary safeguards against cyber intrusions, especially as threat actors become more sophisticated in the digital realm.
Spotify Phishing Email Scams Targeting Unsuspecting Listeners
Spotify listeners should be on the lookout for a new phishing scam impersonating the popular audio streaming service. The scam involves receiving an email claiming that the recipient’s payment has not been received, leading to the suspension of their Spotify subscription. The email prompts users to click a link to update their account and resolve the issue urgently.
To identify this scam, readers are advised to carefully examine the email address of the sender. In the phishing emails, scammers modify the sender’s name to appear as “Spotify Premium,” while the actual email address is not associated with Spotify. Clicking on the link in the email puts individuals at risk of having their personal information compromised and possibly falling victim to financial fraud.
Baystate Health Dealing with the Financial Ramifications of Email Security Attacks
Baystate Health is seeking the recovery of $420,000 lost in an email scam. The complaint filed in federal court reveals that Baystate Health mistakenly wired $700,000 to a scammer in 2022. After discovering the scam, efforts by the Secret Service and the U.S. Attorney’s Office led to the identification and seizure of some of the funds. However, a significant portion of $420,000 remains “unaccounted for,” prompting Baystate Health to take legal action against the bank it alleges allowed the funds to be transferred to the scammer’s account.
It is important to note that the potential consequences of falling victim to such scams can be financially devastating, as evidenced by this incident involving Baystate Health. The lawsuit highlights the need for increased vigilance and robust security measures to protect against email scams and fraudulent activities that can lead to significant financial losses. Organizations and individuals are advised to exercise caution when conducting financial transactions and be proactive in verifying the authenticity of requests to prevent falling prey to similar scams in the future.
Fake QR Codes on Parking Meters are Stealing Money from Unsuspecting Drivers
It was discovered at the end of August that thieves are using fake QR codes on parking meters to defraud drivers in the Los Angeles area. The scammers place these fake QR codes on parking meters, leading drivers to a deceptive website where they are prompted to input their location and payment information.
Once submitted, this information can be misused for unauthorized charges or to steal personal data. Scammers create fraudulent websites that closely resemble legitimate ones, making it crucial for users to scrutinize the URL and look for misspellings or variations, such as a single letter difference, that may indicate a scam.
This type of scam, while first identified in the LA area, can occur anywhere and poses a significant risk to individuals who unknowingly fall victim to it. The Federal Trade Commission advises individuals to be cautious when using QR codes, ensuring that they verify the website they are directed to and watch out for any signs of a potential scam, such as fake stickers placed over real QR codes.
Stay Up to Date to Protect Your Online Security
Tune into our Bolster news round ups every few weeks to get the latest security news insight and attack details. With better knowledge comes better planning, so be sure to catch the latest global cyber happenings to help arm your business against new and evolving threats.
